site to site vpn download speed is limited

0

We are having a site to site vpn connection using Customer gateway and Virtual private gateway. We are using the VPN to perform a DR on Dell DDVE. we did replicate the machine from on premise to AWS. but when we try to restore the speed is very limited. we are using EC2 instance m5.xlarge

Replicating from on premise to AWS was using the full link speed 300 Mbps while restoring from AWS to on-premise is only utilizing 7 Mbps

Although they are using the same VPN connection.

we have adjusted the MTU to 1460 as suggested by AWS and disabled Fragmentation but yet no difference.

Any suggestions why would this happen ?

preguntada hace un año259 visualizaciones
3 Respuestas
0

Have you checked your internet connection download speed? Do you have speed limitations on your Internet link?

profile picture
EXPERTO
respondido hace un año
  • Yes, besides the VPN, the speed is ok. Download or upload on the ec2 instance is using the full bandwidth.

0

Hi Amr,

I can think of:

  • Is the VPN connection terminated on a firewall, or going through a firewall? Your firewall performance and traffic inspection for Ingress traffic can be different from Egress traffic to your on-premise network. If so, will you be able to test bypassing that specific flow?
  • Did this Tunnel have any records of performing downloads at higher speed than what is your case now?
  • Is the download done by the Dell machine part of recovery/restore operation? Is there any decryption/checksum operation taking up resources on CPU\Memory?
  • Can you test the download speed over VPN using other operation from the same m5.xlarge instance to your machine?
profile pictureAWS
EXPERTO
AmerO
respondido hace un año
0

Hello,

you need to check below thing.

  1. Usage of your internet link, it might be chocked.
  2. have you checked the server utilization , it may be some process causing issue.
  3. what is the firewall interface capacity, you may have 10TB link but if firewall port is of 1 gig you will not get more than 1gig speed.
  4. changing MTU may not help as change MTU size should be end to end, which is impossible to have over internet.
Sachin
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas